Regardless what method you are using (at least for those I know), there will always be a way for malicious users to abuse it and run a different program with your administrator account. Therefore, if you have untrusted tech-savvy users, try to lock down the administrator account you use as good as possible (or if possible, tweak the locations where your program wants to write to so that non-admins can write there and the program works without admin privs; use ProcMon to find them).

CPAU can be used to store a program with credentials in an encrypted file and re-run the program with the credentials without user interaction (e. g. from a shortcut)

There is a program called Win-SUDO that claims to emulate SUDO for Windows - but in fact it also only stores the credentials encrypted in the registry at a location that is readable by the users who may use Win-SUDO.

Saving the credentials with the runas command with savecred works too, but you can run other programs as admin this way as well.

You can also create a "scheduled" task that is scheduled to run never and runs with the credentials of the user, and launch it manually when needed; this method also stores the credentials of the user that is supposed to run the task, but unlike runas command it is not that easy to reuse the credentials for different processes. Note that it is not possible to run an interactive process that way on Windows XP (or at least you cannot interact with it).

Anyway, the correct solution is to either try to get the original program running without admin privileges, or run it as a service in the background in case no user interaction is required. Or try to get the vendor to provide a fixed version that works without admin privileges or uses a service for those parts that need them.